Is your feature request related to a problem? Please describe.

I'm using Intake to build a catalog server where the server stores the credentials and does not require our users to have the credentials on their clients. When using the Intake server with direct_access: allow the current scenario creates the SQLAlchemy engine by forwarding the connection string from the Intake server to the client. The alternative is direct_access: forbid which means that the Intake server connects to the database with its stored credentials json file and then forwards the data to the client. This creates a memory bottleneck in the Intake server. The direct_access: allow method forwards the connection string to the client to make the connection by passing credentials_path=/path/on/server/creds.json means that the client cannot authenticate.

Describe the solution you'd like

I'd like to have the full credentials inlined into the URL to enable our Intake server with direct_access: allow. While in a general case this may be less than ideal since this catalog server is forwarding secret information to the client, we deem it be acceptable in our case.

Many other SQLAlchemy drivers accept username/password credentials in their URLs so this does not feel any worse to me.

Describe alternatives you've considered

I have prepared a PR that I will submit.